Rubrik Adds Analytics and Automation to Help Combat Ransomware
Rubrik has unveiled a series of updates to its namesake data protection and management platform that includes an ability to better respond to ransomware attacks.
The Rubrik software-as-a-service (SaaS) platform now includes tools for tracking what data is being employed by whom using Sonar user behavior analytics to provide insights and context. That capability makes it possible to surface anomalous events indicative of a ransomware attack in progress via a dashboard that Rubrik provides, says Vasu Murthy, vice president of product for Rubrik.
Additionally, Rubrik is adding workflows that enable IT teams to initiate a mass recovery in a matter of minutes in addition to AppFlows that provide a control plane for capturing resource mapping and workload dependencies. These make it easier to reliably failover to another data center.
Other capabilities being added to the platform include integration with third-party security operations tools such as Palo Alto Networks Cortex XSOAR and ServiceNow Incident Response, support for Kubernetes clusters, network-attached storage (NAS) platforms, AHV virtual machines from Nutanix, Microsoft 365, the SAP HANA database platform, and the open source Cassandra database.
Finally, Rubrik has added support for two-factor authentication, backups launched from NetApp SnapMirror software and more efficient and incremental backups for vSphere Metro Storage Cluster (vMSC) software.
Collectively, these capabilities provide IT teams with a global view of data assets residing in multiple silos, said Murthy. That’s critical because as the amount of data that organizations are generating the management of data has become more problematic than ever. Most organizations don’t have a robust set of automated data management tools that spans all the silos of data they have. Rubrik as part of an ongoing effort to converge data protection and management is embedding those capabilities within a SaaS platform that can be accessed from anywhere. “We want to bring this to a different level,” says Murthy.
Also read: Ransomware-as-a-Service: How It Works & How to Prevent It
The Convergence of Data Protection and Management
Data protection and management are converging in part because so many IT teams regularly employ backup tools to also migrate data into public clouds. Providers of those tools are now expanding the reach of their offerings to provide a wider range of data management and security capabilities.
The security implications of those efforts are equally profound. The only defense against a ransomware attack once it starts is the ability to recover a pristine copy of any data that might have been encrypted by malware that continues to spread laterally across an entire IT environment until it’s contained. Often the biggest challenge organizations face today when combating ransomware threats is synchronizing workflows across disparate IT operations and cybersecurity teams. Thwarting ransomware threats requires a level of programmatic integration between data protection and security tools that has thus far proven challenging for most IT organizations to implement and maintain.
Regardless of how IT organizations rise to the challenge, it’s clear data protection, management and security are all starting to converge around a set of best data engineering practices also known as data operations (DataOps). IT teams that lack that DataOps capability will, unfortunately, soon find themselves struggling with both security and agility at a time when many organizations are trying to simultaneously invest in multiple mission-critical digital business transformation initiatives.
Read next: Email Security Tips to Prevent Phishing and Malware
